GeneralInformation

Hostnames	meccahosting.com david.meccahosting.com
Domains	meccahosting.com
Cloud Provider	Linode
Cloud Region	us-tx
Country	United States
City	Richardson
Organization	Linode
ISP	Akamai Connected Cloud
ASN	AS63949

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2017-12419

4.0If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide), and the MySQL client has a local_infile setting enabled (in php.ini mysqli.allow_local_infile, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's "connect file read" feature to remotely access files on the MantisBT server.

CVE-2009-2942

7.5The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.

OpenPorts

21 53 80 443 3306 8080

-1790782239 | 2024-04-24T13:50:21.262532

21 / tcp

220 FTP Server ready.
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO    RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    HOST    CLNT    AUTH    CCC*    CONF*   
 ENC*    MIC*    PBSZ    PROT    TYPE    STRU    MODE    RETR    
 STOR    STOU    APPE    REST    ABOR    RANG    USER    PASS    
 ACCT*   REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@23.239.28.228
211-Features:
 AUTH TLS
 CCC
 CLNT
 CSID
 EPRT
 EPSV
 HOST
 LANG en-US*
 MDTM
 MFF modify;UNIX.group;UNIX.mode;
 MFMT
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
 PBSZ
 PROT
 RANG STREAM
 REST STREAM
 SIZE
 SSCN
 TVFS
 UTF8
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            8e:82:32:b0:e7:a3:24:4f:19:7b:34:f1:d0:29:a6:8e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Jan 26 00:00:00 2024 GMT
            Not After : Jan 25 23:59:59 2025 GMT
        Subject: CN=*.meccahosting.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d9:13:84:89:a1:45:a2:d9:a2:3d:d4:27:22:1e:
                    96:82:5c:e1:d1:c2:e1:c5:46:d1:1e:58:0e:51:c1:
                    90:69:35:1b:ed:cd:da:cf:ae:3a:bd:fa:c8:b8:74:
                    04:b8:b8:f3:b9:9a:a9:5a:7c:7d:6d:4d:7f:5a:9b:
                    95:fb:a3:ed:b9:6c:fb:63:9c:c7:b0:aa:00:87:43:
                    ad:fa:83:26:2b:e1:0a:f8:47:08:73:21:b6:79:81:
                    1f:66:6d:3d:7c:ce:21:64:2a:76:fa:75:33:f7:16:
                    23:df:f0:3a:1b:d5:08:b7:cd:6d:b0:b5:28:35:74:
                    77:20:c6:f4:55:fa:69:d3:c9:93:f0:c3:3f:3d:26:
                    02:39:0a:47:23:b8:af:93:46:95:ec:4d:39:a5:46:
                    8c:f7:95:6e:00:52:30:ad:90:83:fd:91:b6:49:f2:
                    0c:1d:2d:af:55:c8:94:21:fe:7e:af:1c:5b:42:e9:
                    92:b8:9d:35:05:eb:3f:47:12:c1:2a:da:82:de:ba:
                    f8:ad:d0:ae:e7:6a:dc:e2:54:23:74:fb:bd:6a:38:
                    36:e5:29:7c:e7:f4:4d:b7:a2:de:3e:8d:ba:4b:69:
                    de:37:2d:cf:d1:26:0f:46:6b:89:50:49:2d:0a:d2:
                    42:74:d8:55:86:c0:0c:dc:cd:be:be:8d:fa:11:25:
                    92:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                F3:21:40:15:BA:CA:90:E8:77:2C:D6:12:D6:98:27:43:AA:E0:3B:13
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.meccahosting.com, DNS:meccahosting.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Jan 26 13:55:12.273 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:30:4E:6D:91:CF:C1:D4:C2:91:AF:3E:C1:
                                F8:AE:E1:90:FB:FB:EE:0D:9E:5E:A9:AD:A3:AA:B2:01:
                                9B:BC:C6:1B:02:21:00:C1:DB:6E:7E:C0:38:EC:A6:27:
                                08:AE:65:6D:38:44:F5:54:41:85:A1:26:06:96:07:83:
                                45:1E:2B:C5:9A:E6:0C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 26 13:55:12.229 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6F:BB:C5:A1:DF:EA:D6:79:2A:9A:C8:0C:
                                CB:DA:E5:B0:74:4E:E6:46:05:F2:67:14:23:C4:DB:C8:
                                AE:F3:9A:C9:02:21:00:E8:7E:F7:E6:BF:98:63:29:6F:
                                43:D0:52:43:C6:65:B2:97:4C:BF:A0:25:98:DE:6E:82:
                                CE:E3:0C:28:24:72:70
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 26 13:55:12.240 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A0:F7:14:F4:41:6B:E2:BA:05:F9:41:
                                61:FD:02:A4:07:EB:91:0B:8D:21:D6:02:BD:16:1C:62:
                                6E:2F:9D:D5:F5:02:20:6D:0F:30:41:40:E4:DA:A0:3A:
                                72:74:66:42:84:C7:6F:46:39:1D:F6:B9:27:1A:F6:61:
                                C9:EC:10:21:78:8F:E2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        96:c4:1e:98:d1:f4:4d:dd:f7:96:e9:12:07:b1:09:7c:96:9c:
        45:9d:5c:36:4b:08:95:99:0e:dc:65:11:fb:1f:91:d1:35:46:
        20:92:73:70:e9:8b:27:02:9d:5e:5f:54:47:cf:38:07:38:75:
        67:33:c9:21:96:f9:25:21:cf:68:d5:42:3a:b8:21:3e:c4:41:
        03:04:68:72:9c:81:b9:6b:6d:53:19:49:ca:9c:7c:a6:b5:d6:
        8b:4d:a5:84:a9:7d:37:77:cc:47:4c:2b:42:49:b7:86:fc:8c:
        e5:76:84:84:e5:72:92:27:f8:84:2a:e5:7e:d2:b4:a8:f2:f6:
        15:9b:1e:26:19:4b:2a:dd:26:ec:2e:c3:c6:96:c7:30:f9:f1:
        99:8d:5a:a2:0e:d3:4e:3b:02:fe:68:c5:96:1f:5d:90:35:64:
        27:c7:bd:12:13:e5:77:71:62:70:4c:ec:cc:b6:54:c8:3b:f9:
        c5:bf:ca:43:50:1b:23:b2:91:1b:d7:67:a5:03:f0:4b:bc:00:
        1a:e9:83:82:dd:25:b1:b7:70:4a:73:37:b4:b7:39:65:63:79:
        e0:91:bb:1a:25:ac:5c:d8:e9:14:6e:12:00:2a:34:e1:b6:00:
        dc:e7:e8:7a:26:7d:6c:84:a7:b7:77:fd:fd:17:e4:30:c4:87:
        3b:74:e6:46

-734665188 | 2024-04-22T19:20:23.780831

53 / tcp

Not available
Resolver name: david.meccahosting.com

-734665188 | 2024-04-18T07:39:20.398318

53 / udp

Not available
Resolver name: david.meccahosting.com

700452158 | 2024-04-22T22:24:02.010429

80 / tcp

HTTP/1.1 301 Moved Permanently
Date: Mon, 22 Apr 2024 22:24:01 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Location: https://david.meccahosting.com/
Cache-Control: max-age=604800
Expires: Mon, 29 Apr 2024 22:24:01 GMT
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1

-794075736 | 2024-04-23T03:01:10.096519

443 / tcp

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 03:01:10 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Content-Length: 318
Content-Type: text/html; charset=iso-8859-1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            8e:82:32:b0:e7:a3:24:4f:19:7b:34:f1:d0:29:a6:8e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Jan 26 00:00:00 2024 GMT
            Not After : Jan 25 23:59:59 2025 GMT
        Subject: CN=*.meccahosting.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d9:13:84:89:a1:45:a2:d9:a2:3d:d4:27:22:1e:
                    96:82:5c:e1:d1:c2:e1:c5:46:d1:1e:58:0e:51:c1:
                    90:69:35:1b:ed:cd:da:cf:ae:3a:bd:fa:c8:b8:74:
                    04:b8:b8:f3:b9:9a:a9:5a:7c:7d:6d:4d:7f:5a:9b:
                    95:fb:a3:ed:b9:6c:fb:63:9c:c7:b0:aa:00:87:43:
                    ad:fa:83:26:2b:e1:0a:f8:47:08:73:21:b6:79:81:
                    1f:66:6d:3d:7c:ce:21:64:2a:76:fa:75:33:f7:16:
                    23:df:f0:3a:1b:d5:08:b7:cd:6d:b0:b5:28:35:74:
                    77:20:c6:f4:55:fa:69:d3:c9:93:f0:c3:3f:3d:26:
                    02:39:0a:47:23:b8:af:93:46:95:ec:4d:39:a5:46:
                    8c:f7:95:6e:00:52:30:ad:90:83:fd:91:b6:49:f2:
                    0c:1d:2d:af:55:c8:94:21:fe:7e:af:1c:5b:42:e9:
                    92:b8:9d:35:05:eb:3f:47:12:c1:2a:da:82:de:ba:
                    f8:ad:d0:ae:e7:6a:dc:e2:54:23:74:fb:bd:6a:38:
                    36:e5:29:7c:e7:f4:4d:b7:a2:de:3e:8d:ba:4b:69:
                    de:37:2d:cf:d1:26:0f:46:6b:89:50:49:2d:0a:d2:
                    42:74:d8:55:86:c0:0c:dc:cd:be:be:8d:fa:11:25:
                    92:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                F3:21:40:15:BA:CA:90:E8:77:2C:D6:12:D6:98:27:43:AA:E0:3B:13
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.meccahosting.com, DNS:meccahosting.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Jan 26 13:55:12.273 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:30:4E:6D:91:CF:C1:D4:C2:91:AF:3E:C1:
                                F8:AE:E1:90:FB:FB:EE:0D:9E:5E:A9:AD:A3:AA:B2:01:
                                9B:BC:C6:1B:02:21:00:C1:DB:6E:7E:C0:38:EC:A6:27:
                                08:AE:65:6D:38:44:F5:54:41:85:A1:26:06:96:07:83:
                                45:1E:2B:C5:9A:E6:0C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 26 13:55:12.229 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6F:BB:C5:A1:DF:EA:D6:79:2A:9A:C8:0C:
                                CB:DA:E5:B0:74:4E:E6:46:05:F2:67:14:23:C4:DB:C8:
                                AE:F3:9A:C9:02:21:00:E8:7E:F7:E6:BF:98:63:29:6F:
                                43:D0:52:43:C6:65:B2:97:4C:BF:A0:25:98:DE:6E:82:
                                CE:E3:0C:28:24:72:70
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 26 13:55:12.240 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A0:F7:14:F4:41:6B:E2:BA:05:F9:41:
                                61:FD:02:A4:07:EB:91:0B:8D:21:D6:02:BD:16:1C:62:
                                6E:2F:9D:D5:F5:02:20:6D:0F:30:41:40:E4:DA:A0:3A:
                                72:74:66:42:84:C7:6F:46:39:1D:F6:B9:27:1A:F6:61:
                                C9:EC:10:21:78:8F:E2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        96:c4:1e:98:d1:f4:4d:dd:f7:96:e9:12:07:b1:09:7c:96:9c:
        45:9d:5c:36:4b:08:95:99:0e:dc:65:11:fb:1f:91:d1:35:46:
        20:92:73:70:e9:8b:27:02:9d:5e:5f:54:47:cf:38:07:38:75:
        67:33:c9:21:96:f9:25:21:cf:68:d5:42:3a:b8:21:3e:c4:41:
        03:04:68:72:9c:81:b9:6b:6d:53:19:49:ca:9c:7c:a6:b5:d6:
        8b:4d:a5:84:a9:7d:37:77:cc:47:4c:2b:42:49:b7:86:fc:8c:
        e5:76:84:84:e5:72:92:27:f8:84:2a:e5:7e:d2:b4:a8:f2:f6:
        15:9b:1e:26:19:4b:2a:dd:26:ec:2e:c3:c6:96:c7:30:f9:f1:
        99:8d:5a:a2:0e:d3:4e:3b:02:fe:68:c5:96:1f:5d:90:35:64:
        27:c7:bd:12:13:e5:77:71:62:70:4c:ec:cc:b6:54:c8:3b:f9:
        c5:bf:ca:43:50:1b:23:b2:91:1b:d7:67:a5:03:f0:4b:bc:00:
        1a:e9:83:82:dd:25:b1:b7:70:4a:73:37:b4:b7:39:65:63:79:
        e0:91:bb:1a:25:ac:5c:d8:e9:14:6e:12:00:2a:34:e1:b6:00:
        dc:e7:e8:7a:26:7d:6c:84:a7:b7:77:fd:fd:17:e4:30:c4:87:
        3b:74:e6:46

979155237 | 2024-04-18T14:54:09.759541

3306 / tcp

4\x00\x00\x00\n5.1.68\x00N*\x00\x00X*eATbo(\x00\xff\xf7\x08\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00v<ejc4us`f`.\x00

-2115420993 | 2024-04-13T16:53:26.072515

8080 / tcp

HTTP/1.1 200 OK
ETag: W/"281-1143036000000"
Last-Modified: Wed, 22 Mar 2006 14:00:00 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 281
Date: Sat, 13 Apr 2024 16:53:25 GMT
Server: Apache-Coyote/1.1

23.239.28.228

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1790782239 | 2024-04-24T13:50:21.262532
21 / tcp

-734665188 | 2024-04-22T19:20:23.780831
53 / tcp

-734665188 | 2024-04-18T07:39:20.398318
53 / udp

700452158 | 2024-04-22T22:24:02.010429
80 / tcp

Apache httpd

-794075736 | 2024-04-23T03:01:10.096519
443 / tcp

Apache httpd

979155237 | 2024-04-18T14:54:09.759541
3306 / tcp

MySQL5.1.68

-2115420993 | 2024-04-13T16:53:26.072515
8080 / tcp

Apache Tomcat/Coyote JSP engine1.1

Products

Pricing

Contact Us

23.239.28.228

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1790782239 | 2024-04-24T13:50:21.262532 21 / tcp

-734665188 | 2024-04-22T19:20:23.780831 53 / tcp

-734665188 | 2024-04-18T07:39:20.398318 53 / udp

700452158 | 2024-04-22T22:24:02.010429 80 / tcp

Apache httpd

-794075736 | 2024-04-23T03:01:10.096519 443 / tcp

Apache httpd

979155237 | 2024-04-18T14:54:09.759541 3306 / tcp

MySQL5.1.68

-2115420993 | 2024-04-13T16:53:26.072515 8080 / tcp

Apache Tomcat/Coyote JSP engine1.1

Products

Pricing

Contact Us

-1790782239 | 2024-04-24T13:50:21.262532
21 / tcp

-734665188 | 2024-04-22T19:20:23.780831
53 / tcp

-734665188 | 2024-04-18T07:39:20.398318
53 / udp

700452158 | 2024-04-22T22:24:02.010429
80 / tcp

-794075736 | 2024-04-23T03:01:10.096519
443 / tcp

979155237 | 2024-04-18T14:54:09.759541
3306 / tcp

-2115420993 | 2024-04-13T16:53:26.072515
8080 / tcp